Scott MacVicar
|
2ea6780873
|
MFH Fix bug #35975 - Session cookie expires date format isn't the most compatible. Sync to that of setcookie().
|
2008-12-11 01:21:35 +00:00 |
|
Hannes Magnusson
|
76a17847c1
|
Deprecate session_register(), session_unregister() and
session_is_registered() (removed in HEAD)
|
2008-12-09 14:03:58 +00:00 |
|
Felipe Pena
|
fc2fb50d09
|
- MFH: Added 'static' into ZEND_BEGIN_ARG_INFO_EX macro
|
2008-11-17 11:28:01 +00:00 |
|
Felipe Pena
|
7a37fa2d6b
|
- Revert ZEND_BEGIN_ARG_INFO change
|
2008-11-02 21:19:39 +00:00 |
|
Felipe Pena
|
df10005563
|
- MFH: Added 'static' into ZEND_BEGIN_ARG_INFO_EX macro
|
2008-10-24 14:35:40 +00:00 |
|
Jani Taskinen
|
525f3c4793
|
MFH: General sync. WS / CS / etc. crap some people didn't bother to merge
MFH: before this commit..bunnies thank you all..
[DOC] - Added ext/hash support to ext/session's ID generator. (Sara)
[DOC] Ask Sara for explanation..
|
2008-08-06 05:53:31 +00:00 |
|
Jani Taskinen
|
9ad7800f52
|
- Nuke ending periods from error messages
|
2008-08-05 22:52:05 +00:00 |
|
Kalle Sommer Nielsen
|
874b456078
|
MFH: Fixes #45406 - Patch by oleg dot grenrus at dynamoid dot com
|
2008-08-04 06:21:55 +00:00 |
|
Felipe Pena
|
e304515ddb
|
- MFH: Added parameter TSRMLS_DC in zend_is_callable()
|
2008-08-02 04:46:07 +00:00 |
|
Felipe Pena
|
ca0c2340fe
|
- Added arginfo
|
2008-06-27 16:16:23 +00:00 |
|
Dmitry Stogov
|
9c3ebd10bb
|
Fixed memory leaks
|
2008-06-24 06:47:45 +00:00 |
|
Felipe Pena
|
015f82d219
|
- New parameter parsing API
|
2008-06-21 15:27:34 +00:00 |
|
Scott MacVicar
|
944061ba37
|
Fixed bug #44720 (Prevent infinite recursion within session_register)
|
2008-04-15 00:59:04 +00:00 |
|
Dmitry Stogov
|
1a08aadc9b
|
Fixed memory corruption because of double free()
|
2008-03-11 09:36:41 +00:00 |
|
Felipe Pena
|
84a8bb038a
|
MFH: New way for check void parameters
|
2008-03-10 22:15:36 +00:00 |
|
Gwynne Raskind
|
3e99d5cc5b
|
MFH: fix bug #32330 (session_destroy, "Failed to initialize storage module", custom session handler)
|
2008-03-07 23:20:32 +00:00 |
|
Sebastian Bergmann
|
d1dded8751
|
MFH: Bump copyright year, 2 of 2.
|
2007-12-31 07:17:19 +00:00 |
|
Yiduo (David) Wang
|
4b4d634cb9
|
MFH: Added macros for managing zval refcounts and is_ref statuses
|
2007-10-07 05:22:07 +00:00 |
|
Dmitry Stogov
|
6c810b0d4c
|
Improved memory usage by movig constants to read only memory. (Dmitry, Pierre)
|
2007-09-27 18:00:48 +00:00 |
|
Stanislav Malyshev
|
6b7f164803
|
correct fix for access control for save_path and .htaccess
|
2007-08-03 01:16:40 +00:00 |
|
Ilia Alshanetsky
|
3034092111
|
Fixed bug #42135 (Second call of session_start() causes creation of SID)
|
2007-07-29 14:43:30 +00:00 |
|
Ilia Alshanetsky
|
e2d606e18b
|
Fixed compiler warning
|
2007-06-17 14:25:46 +00:00 |
|
Stefan Esser
|
df7bfe0a0f
|
MFH
|
2007-06-16 07:48:07 +00:00 |
|
Stanislav Malyshev
|
70a8f9313b
|
Disallow characters that Cookie RFC does not allow in unquoted cookies
|
2007-06-15 22:40:00 +00:00 |
|
Antony Dovgal
|
d042fd0675
|
MFH: php_gmtime_r() fixes
|
2007-06-07 08:59:00 +00:00 |
|
Stanislav Malyshev
|
69650d0ebf
|
do not send cookie when session is passed in URL, same as it happens with GET/POST
|
2007-05-16 01:18:14 +00:00 |
|
Antony Dovgal
|
39f9184fa6
|
MFH: fix #40998 (long session array keys are truncated)
|
2007-04-04 19:52:19 +00:00 |
|
Ilia Alshanetsky
|
7aab16c333
|
Fixed MOPB-22-2007:PHP session_regenerate_id() Double Free Vulnerability
# Discovered by Stefan Esser
|
2007-03-14 19:37:07 +00:00 |
|
Ilia Alshanetsky
|
a500d1efe9
|
Adjust checks to allow paths without a trailing /
|
2007-03-03 15:07:31 +00:00 |
|
Ilia Alshanetsky
|
4735df26f8
|
Improve safe_mode check
|
2007-03-02 00:49:47 +00:00 |
|
Ilia Alshanetsky
|
efad70c2cc
|
snprintf() -> slprintf()
|
2007-02-27 03:28:17 +00:00 |
|
Marcus Boerger
|
50ea26760d
|
- Avoid sprintf, even when checked copy'n'paste or changes lead to errors
|
2007-02-24 02:17:47 +00:00 |
|
Stanislav Malyshev
|
3e262bd369
|
disallow negative length
|
2007-02-24 01:18:14 +00:00 |
|
Dmitry Stogov
|
ae792a06b0
|
Fixed SIGSEGV
|
2007-01-10 07:04:49 +00:00 |
|
Ilia Alshanetsky
|
81729c1ece
|
Prevent SESSION/GLOBALS overload via session decoding
|
2007-01-09 15:31:12 +00:00 |
|
Sebastian Bergmann
|
4223aa4d5e
|
MFH: Bump year.
|
2007-01-01 09:36:18 +00:00 |
|
Ilia Alshanetsky
|
ba64553913
|
Added boundary checks to php_binary deserializer
|
2006-12-31 22:25:55 +00:00 |
|
Ilia Alshanetsky
|
ffd41a503f
|
Session deserializer protection.
|
2006-12-26 16:53:47 +00:00 |
|
Antony Dovgal
|
7d2142a56e
|
protect _SESSION, HTTP_SESSION_VARS and GLOBALS
maintain an internal reference of _SESSION, so that it won't be possible to destroy it from userspace
|
2006-12-20 19:31:28 +00:00 |
|
Antony Dovgal
|
bcf457d828
|
MFH: fix retval type
|
2006-12-04 15:58:48 +00:00 |
|
Ilia Alshanetsky
|
35f78f221b
|
Fixed bug #37627 (session save_path check checks the parent directory).
|
2006-12-04 15:19:26 +00:00 |
|
Ilia Alshanetsky
|
5f3e233ea7
|
Disallow \0 chars inside session.save_path
|
2006-12-01 00:27:20 +00:00 |
|
Hannes Magnusson
|
050f94f746
|
MFH: Fix double "wron param count" messages
|
2006-11-03 14:46:48 +00:00 |
|
Ilia Alshanetsky
|
b1d8f7e09d
|
Expose session storage module locater and serialization function via PHPAPI
|
2006-10-06 21:11:36 +00:00 |
|
Ilia Alshanetsky
|
154f70acf1
|
Fixed bug #38993 (Fixed safe_mode/open_basedir checks for
session.save_path, allowing them to account for extra parameters).
|
2006-10-01 20:58:02 +00:00 |
|
Antony Dovgal
|
b6ced95187
|
change ini handlers to produce E_ERROR if they are called during startup
|
2006-08-30 16:24:40 +00:00 |
|
Antony Dovgal
|
f8fd45a735
|
MFH: change E_ERROR to E_WARNING when invalid argument has been passed
make sure ini_set() doesn't reset PS(mod) and PS(serializer) to invalid values
|
2006-08-30 15:43:10 +00:00 |
|
Ilia Alshanetsky
|
7dfae526c7
|
Fixed proto
|
2006-08-10 21:10:03 +00:00 |
|
Ilia Alshanetsky
|
e5fe441cbd
|
Added support for httpOnly flag for session extension and cookie setting
functions.
# Original patch by Scott MacVicar
|
2006-08-10 13:50:56 +00:00 |
|
Antony Dovgal
|
0c4ef446e2
|
MFH: fix #38289 (segfault in session_decode() when _SESSION is NULL)
|
2006-08-02 09:16:52 +00:00 |
|